From: Theodore Tso <tytso@mit.edu>
Date: Tue, 29 Sep 1992 13:47:04 +0000 (+0000)
Subject: Added check of the receiver's address (if present)
X-Git-Tag: krb5-1.0-beta2~45
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=f16a10925ef099826daa44404ede2ac67693ee5f;p=krb5.git

Added check of the receiver's address (if present)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@2417 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/krb5/krb/rd_priv.c b/src/lib/krb5/krb/rd_priv.c
index 5a3b1b7c9..00d454703 100644
--- a/src/lib/krb5/krb/rd_priv.c
+++ b/src/lib/krb5/krb/rd_priv.c
@@ -185,6 +185,12 @@ OLDDECLARG(krb5_data *, outbuf)
 	    cleanup_mesg();
 	    return KRB5KRB_AP_ERR_BADADDR;
 	}
+	if (recv_addr && privmsg_enc_part->r_address &&
+	    !krb5_address_compare(recv_addr, privmsg_enc_part->r_address)) {
+	    cleanup_data();
+	    cleanup_mesg();
+	    return KRB5KRB_AP_ERR_BADADDR;
+	}	    
 	if (retval = krb5_gen_replay_name(sender_addr, "_priv",
 					  &replay.client)) {
 	    cleanup_data();
diff --git a/src/lib/krb5/krb/rd_safe.c b/src/lib/krb5/krb/rd_safe.c
index 315570855..c2e297139 100644
--- a/src/lib/krb5/krb/rd_safe.c
+++ b/src/lib/krb5/krb/rd_safe.c
@@ -105,6 +105,11 @@ krb5_data *outbuf;
 	    cleanup();
 	    return KRB5KRB_AP_ERR_BADADDR;
 	}
+	if (recv_addr && message->r_address &&
+	    !krb5_address_compare(recv_addr, message->r_address)) {
+	    cleanup();
+	    return KRB5KRB_AP_ERR_BADADDR;
+	}	    
 	if (retval = krb5_gen_replay_name(sender_addr, "_safe",
 					  &replay.client)) {
 	    cleanup();